... but it's blocked by: Sanesecurity.Phishing.Fake.24204 which was added a day ago...
Here's one site's view of the situation.... and it's history over time...
A hopefully interesting blog from the world of zero hour malware, phishing, scams and spams
3 variants of these documents so far...
VirusTotal 1
VirusTotal 2
VirusTotal 3
I've added detection for all these types, in phish.ndb as:
Malware Detected as: Sanesecurity.Malware.24509.DocHeur
ClamAV 3rd Party signatures: http://sanesecurity.com
#clamav #sanesecurity #malware
Sample Subjects:
Commercial Debt Recovery, Ref No:
Industrial Invoices
Employee Documents - Internal Use
Reference: